Conditions
Note
The IP lists feature is at the Preview stage.
Conditions define which HTTP requests the Smart Web Security rule applies to. The following table lists matching options and value formats for each condition. If multiple values are supported, a logical operator is used.
|
Match type and options |
Value and example |
|
|
|
|
|
Format: Logical operator: and |
|
|
Request path, initial part of the request path, or PIRE library regular expression: |
|
|
Format: Logical operator: and |
|
|
Values of the |
|
|
HTTP request method |
|
|
Format: Logical operator: and |
|
|
List of names of legitimate bots owned by various companies and services: |
|
|
List of bots of a certain category: |
|
|
Whether this bot is verified and approved: |
|
|
Score value or range from Score ranges:
Logical operator: and |
|
|
SSL/TLS connection's JA3
|
Regular expression format
You can use regular expressions in conditions that support the following match types:
- Matches regular expression
- Does not match regular expression
- Matches the list of regular expressions
- Does not match the list of regular expressions
These conditions include: HTTP header, Request URI, Query Match, Host, HTTP method, Cookie.
Regular expression operators
-
Quantifiers. These set the allowed number of element repetitions.
-
*: Zero or more occurrences of any characters.a*: Zero or more occurrences of theacharacter.a*b: Any occurrence ofabeforeb.For example,
a*means an empty string,a,aa,aaa, etc. -
a+: One or more occurrences ofa.For example,
a+:a,aa,aaa, etc. -
a?: Zero or one occurrence ofa.For example,
https?://meanshttp://andhttps://. -
{n}: n occurrences. For example,a{3}:aaa. -
{n,m}: From n through m occurrences. For example,a{3,5}:aaa,aaaa, andaaaaa. -
{n,}: At least n occurrences. For example,a{3,}:aaa,aaaa,aaaaa, etc.
-
-
Characters and operations.
-
.: Any single character, but for line break one.For example,
a.bmeansaabandacb, but notab. -
[abc]: One of the characters between the square brackets.For example,
[abc]meansa,b, andc. -
[^abc]: Any character, but for those between the square brackets.For example,
[^abc]means any character other thana,b, orc. -
[a-z]: Any character fromathroughz.For example,
[a-z]means any lowercase letter fromathroughz. -
a|b: Mutually exclusive options, eitheraorb.For example,
example|domainmeans eitherexampleordomain. -
\\w: Any letter. -
\\W: Non-letter (digit, underscore, punctuation marks, space, etc). -
\\d: Digit.\\D: Non-digit. -
\\s: Space.\\S: Non-space.
-
Note
To use a character not as a regular expression operator or special character, escape it with \. For example, you need to escape such characters as . + * [ ] ( ) { } ^ $ ?.
Case in regular expressions
-
Case sensitive. Enter a regular expression in required case.
For example,
exaMplewill represent theexaMplestring. -
Case insensitive. Add
(?i)to the beginning of the expression.For example,
(?i)examplewill represent strings likeexample,EXaMple,EXAMPLE, etc.
Examples of regular expressions
-
User-Agent:\s*: Block requests with empty or space-onlyUser-Agentheader value.In this expression,
\s*is zero or more spaces. -
\\[\'\"\.\;]: Block requests containing\before a suspicious character (backslash injections).In this expression,
\\is backslash, and[\'\"\.\;]is any character from between the square brackets. -
a{100,}: Block requests containing long sequences of identical characters, as this may be a sign of an attack.In this expression,
a{100,}stands for 100 or moreain a row. -
--.*: Block requests containing comments in SQL queries, as this may be a sign of an SQL injection.In this expression,
--is the beginning of an SQL comment, and.*is zero or more of any characters.